+

Search Tips   |   Advanced Search

Use HTTP session management support for JAX-WS applications

HTTP session management is performed in the HTTP transport layer by using either cookies or URL rewriting. By providing multiple options for tracking a series of requests, HTTP session management enables JAX-WS applications to appear dynamic to application users.

Develop a JAX-WS dynamic proxy or Dispatch client. To learn more about developing JAX-WS clients, read about developing a JAX-WS client from a WSDL file or developing a dynamic client using JAX-WS APIs.

We can use HTTP session management to maintain user state information on the server, while passing minimal information back to the user to track the session. We can implement HTTP session management on the application server using either session cookies or URL rewriting.

The interaction between the browser, application server, and application is transparent to the user and the application program. The application and the user are typically not aware of the session identifier provided by the server.

Session cookies

The HTTP maintain session feature uses a single cookie, JSESSIONID, and this cookie contains the session identifier. This cookie is used to associate the request with information stored on the server for that session. On subsequent requests from the JAX-WS application, the session ID is transmitted as part of the request header, which enables the application to associate each request for a given session ID with prior requests from that user. The JAX-WS client applications retrieve the session ID from the HTTP response headers and then use those IDs in subsequent requests by setting the session ID in the HTTP request headers.

URL rewriting

URL rewriting works like a redirected URL as it stores the session identifier in the URL. The session identifier is encoded as a parameter on any link or form that is submitted from a web page. This encoded URL is used for subsequent requests to the same server.

  1. Configure the server to enable session tracking. Specify either session cookies or URL rewriting for the session tracking mechanism using the administration console. Read about configuring session tracking to learn how to track sessions with cookies or with URL rewriting.

  2. Enable HTTP session management for the JAX-WS client. We can manually set the maintainSession property to true in the policy set binding.

    • Enable session management on the client using a HTTP transport policy set file. We can configure the HTTP transport policy using the administration console. On the HTTP transport setting page, select the Session enable checkbox to enable an HTTP session. Read about configuring the HTTP transport property to learn how to set this property. We can also manually set the maintainSession property to yes to enable HTTP session management.

    • Enable session management on the client by setting the JAX-WS property, javax.xml.ws.session.maintain, to true.


Results

You have enabled HTTP session management for the JAX-WS application.


Example

The following example is an excerpt from a HTTP Transport policy set that demonstrates how to configure the maintainSession property:

<!-- This is the PolicyType for HTTP transport -->
        <wsp:ExactlyOne>
                <wsp:All>
                        <wshttp:readTimeout>300</wshttp:readTimeout>
                        <wshttp:writeTimeout>300</wshttp:writeTimeout>
                        <wshttp:connectTimeout>180</wshttp:connectTimeout>
                        <wshttp:persistConnection>yes</wshttp:persistConnection>
                        <wshttp:messageResendOnce>no</wshttp:messageResendOnce>
                        <wshttp:chunkTransferEnc>no</wshttp:chunkTransferEnc>
                        <wshttp:acceptRedirectedURL>no</wshttp:acceptRedirectedURL>
                        <wshttp:sendExpectHeader>no</wshttp:sendExpectHeader>
                        <wshttp:maintainSession>yes</wshttp:maintainSession>
                        <wshttp:compressRequest>
                                <wshttp:compressType name="none"></wshttp:compressType>
                        </wshttp:compressRequest>
                        <wshttp:compressResponse>
                                <wshttp:compressType name="none"></wshttp:compressType>
                        </wshttp:compressResponse>
                        <wshttp:protocolVersion>HTTP/1.1</wshttp:protocolVersion>
                </wsp:All>
        </wsp:ExactlyOne>

The following code example is demonstrates how to programmatically enable session management on the client by setting the javax.xml.ws.session.maintain property on the correct JAX-WS object.

Map<String, Object> rc = ((BindingProvider) port).getRequestContext();
...
...
rc.put(BindingProvider.SESSION_MAINTAIN_PROPERTY, Boolean.TRUE);
...
...


Related tasks

  • Use HTTP to transport web services
  • Develop a JAX-WS client from a WSDL file
  • Develop a dynamic client using JAX-WS APIs
  • Configure session tracking